Cisco Duo primarily secures our environment.

I appreciate the features that Cisco Duo offers. Cisco Duo's team sent us some questions, for example, about the feature called Identity Intelligence. I have tried using the Identity Intelligence feature and have been working with it. I can confidently say that Identity Intelligence has improved my visibility into identity risk and has helped me make defenses against identity-based threats better.

The main issue with Cisco Duo is dependency. For example, it verifies the subscription with features Duo Push, OTP code, and phone dependency. If you lose or break your phone, users without smartphones will face connectivity issues. There is also integration challenges, support for legacy systems and cloud connectivity, management overhead, and the system can be bypassed by phishing techniques.

To improve these issues, users should be required to confirm a number to approve authentication requests. This would enable disabling auto push and then enable trust-based authentication with new device detection, new location detection, and VPN detection.

Additionally, Cisco Duo is subscription-based depending on the number of users and has a dependency on mobile devices for advanced features. The cost will become expensive for large user accounts. The system requires approve push and either OTP, with push deployments through Duo mobile applications. There is limited offline support, it requires internet connectivity and cloud dependency. Internet outages can cause authentication issues affecting VPN, Windows login, and cloud applications.

I have been using Cisco Duo in my career for three years.

I do see instances of lagging, crashing, or downtime. We used to experience downtime, for example, during code upgradations and OS upgrades on the server, switches, and firewalls. We try to mitigate it, but we need to implement upgrades without downtime. Sometimes the device will not come up after reboot, which can cause downtime.

Cisco Duo performs well regarding scalability. The scalability depends mostly on the number of users. The system has good scalability and can handle more users, more logins, and more locations without performance issues. This depends on the cloud-based, globally distributed infrastructure with no dependency on on-premises services. It can scale from 10 users up to thousands and hundreds of users. The system also has load balancing, high availability, and failover capabilities. A small office can support up to 50 users, while a large office can support more than 10,000 users.

I have contacted customer support regarding Cisco Duo for assistance. The quality and speed of support depend on various factors. For example, when we receive any ticket, we need to assign it to ourselves first and then depend upon the SLA to work on the ticket. We need to resolve it within the SLA timeframe.

Regarding Proximity Verification feature, I have seen it in action last year.

Cisco Duo's initial deployment is easy. We need to have a mobile application and need to install it for users on VPN, servers, clouds, cloud applications, and for admins and passwords. We need to have a security policy required and identity source such as LDAP, local users, Active Directory, and Azure AD. We need to have VPN devices for servers and firewalls with HTTP 443 port number. We need to have web applications and cloud applications, and Windows login. We need to have end-user devices for MFA, such as a smartphone and SMS. We need to have synchronization for security policy purposes, licensing, and many other components.

Regarding the pricing for Cisco Duo, it is somewhat expensive. Cisco Duo costs depend on the technology. Up to 10 users, it is free. Premium versions go for dollars, such as $10 per user per account. As the number of members increases, the cost increases. It is very useful to have for multi-factor authentication.

I would rate the return on investment at an 8 or a 9.

I have noticed an increase in phishing attacks in my organization recently. There has been a significant spike in the number of attacks, and they feel more sophisticated, which makes them more difficult to deal with. We used to get phishing attacks through our emails, SMS, WhatsApp, and fake website links. The domain may show a hyphen, for example, Microsoft hyphen login, and attackers will try to send a link. If you click on that link, all our data will be hijacked. We need to protect our devices and environment and should not click any unknown links. That is why we need to enter MFA with valid credentials.

Alternatives to Cisco Duo that we have been using in our organization include third-party applications. We can use Okta and Microsoft SSO, Microsoft Azure MFA, Rublon MFA, Twilio, and PingID from Ping Identity. There is also Secure Authentication and RSA SecurID in the market. There are many third-party alternatives available.

The main issue with Cisco Duo is dependency. For example, it verifies the subscription with features Duo Push, OTP code, and phone dependency. If you lose or break your phone, users without smartphones will face connectivity issues. There is also integration challenges, support for legacy systems and cloud connectivity, management overhead, and the system can be bypassed by phishing techniques.

To improve these issues, users should be required to confirm a number to approve authentication requests. This would enable disabling auto push and then enable trust-based authentication with new device detection, new location detection, and VPN detection.

Additionally, Cisco Duo is subscription-based depending on the number of users and has a dependency on mobile devices for advanced features. The cost will become expensive for large user accounts. The system requires approve push and either OTP, with push deployments through Duo mobile applications. There is limited offline support, it requires internet connectivity and cloud dependency. Internet outages can cause authentication issues affecting VPN, Windows login, and cloud applications.

My overall review rating for Cisco Duo is 8.

My main use cases for Cisco Duo involve implementing zero trust very early. We launched a project to do so, evaluated the market space, and chose Cisco Duo as a platform for its simplicity and ease of use, particularly for the end user.

The features I appreciate most about Cisco Duo are its simplicity for the end user and its integration into conditional access for Entra.

These features benefit my company by providing ease of use for our user base, thus driving fewer support tickets. It is easier to deploy, integrates into Intune and Jamf for end-user platforms, and fits very well with our bring-your-own-device policy for mobiles.

Cisco Duo can be improved by having easier integration into UbiKeys, which would be fantastic. While they are fairly easy to implement, an easier mechanism for rolling out UbiKeys with Cisco Duo would also be fantastic. Additionally, we could benefit from easier app updating procedures and notifications prior to updates to aid end users when they need to complete updates. We are going through that at the moment, but Cisco Duo is a fantastic product that is great for our end users. It is secure, flexible, and fits very well into the architecture we are trying to establish.

I have been using Cisco Duo for eight years.

Cisco Duo has not helped my company reduce its overall authentication-related costs, as it is a cost above what we already have. Because we are on Entra, we do have those licenses bundled in with Entra, but the benefits of Cisco Duo outweigh that.

Cisco Duo scales perfectly with the growing needs of my company. There are no problems as it scales up, scales down, and integrates into our IDP, so I have no complaints with the scalability.

Regarding its scalability and reliability, we have sometimes found issues, particularly with iOS updates, only to the point that we were not getting the notifications. However, Cisco Duo support has been fantastic with that. We have a great relationship with Cisco, so they take that feedback very readily.

The customer support and technical service from Cisco have been fantastic throughout. We speak to the product development team as part of that relationship, and they listen to our ideas readily, including the UbiKey ideas, for example.

I would rate the customer service and technical support as a nine out of ten, only because of the slight issues we had last year with the prompts that took a while to fix. It was one isolated incident.

Before choosing Cisco Duo, I considered native Entra, which was very much in its infancy at that time.

The deployment experience of Cisco Duo was straightforward. Another gentleman handled the workload that was fairly easy to roll out. It touched multiple teams because we had end-user support, operations, and integration to Entra, so it was a multi-phase approach and a multi-team effort, with change management throughout the organization. The key here is that the most important part, and the most difficult part to do, is our end-user base. At the end of the day, that is what Cisco Duo was picked for because the app is so easy to use for our end-user base on its multiple platforms. If you are going to look at the most challenging thing with a rollout, that is where you need to focus, rather than behind the scenes in the work for integrating it into your conditional access policies.

From my point of view, the biggest return on investment when using Cisco Duo is the low support costs. Obviously, you have to have MFA, it is non-negotiable, and the fact that the platform is so easy to use and so flexible provides that return.

Looking back at my initial investment in Cisco Duo versus the total value it has delivered over time, that choice has paid off for my company massively. We were able to implement zero trust extremely quickly because of the platform and its ongoing developments, including Cisco Duo Network Gateway, which enabled that transition to zero trust extremely quickly. This has been a fantastic journey for us and our strategic objective.

My experience with the pricing, setup costs, and licensing of Cisco Duo shows that it is a cost above our Entra costs, which we are always reviewing. The benefits outweigh the cost in terms of its simplicity, its ease of use for the end-user base, and its flexibility with other components we can use and integrate, such as OTP when needed on the odd occasion. Those benefits outweigh the extra cost that we have had to deploy.

I picked Cisco Duo at the end of the day again for its flexibility and the range of features that it has, particularly with ease of use for our end user. That is paramount. Providing that extra layer of security with that ease of use for our end user has been superb.

Cisco Duo was the first multifactor authentication platform that I decided on, approximately ten years ago.

I would rate Cisco Duo overall as an eight out of ten because it is a solid product that works incredibly well for our end-user base. It is secure and adaptable, but it does come at a cost above what competitors offer as part of packages we have to pay for already. We could do a better job in informing our users how to update the app ahead of time when that is necessary.

My advice to other companies considering Cisco Duo is to consider it very carefully for the points I have stated. It is a fantastic product that is easy to use and easy to roll out for our end-user base. However, that does come with a cost, which you are probably already paying for as part of well-known IDPs. We have found it a very valuable product to have, and that ROI has been shown specifically in the reduction in support costs.

There is another aspect I would love to share about Cisco Duo. We operate a good number of partnership relationships, and that is another part of the platform that we have found very easy to administer and track, especially for compliance measures.

My main use case for Cisco Duo is as a two-factor authentication. A quick specific example of how I use Cisco Duo is through 2FA. Everything is fine with my main use case.

In my opinion, the best features Cisco Duo offers include its 2FA authentication, which is very good. Everything is perfect about the features; it is very easy to use, and the integration with other systems is very good.

Cisco Duo has positively impacted my organization, and I have noticed specific improvements since using it. The improvements I have noticed include making security very good and increasing our overall security.

I believe Cisco Duo can be improved, but I think the current state is sufficient. I don't really wish for any specific changes regarding needed improvements.

I have been working in my current field as an infrastructure engineer for approximately 15 years.

Cisco Duo is very stable.

Regarding Cisco Duo's scalability, it meets our requirements.

Customer support for Cisco Duo is very good. I would rate the customer support as a nine on a scale of 1 to 10.

I have not used a different solution before Cisco Duo, as it was the first solution I implemented.

My experience with pricing, setup cost, and licensing for Cisco Duo is that it's not getting worse; it's better now.

On a scale of 1 to 10, I would rate Cisco Duo as a nine because it's a very good solution.

Looking back at my initial investment in Cisco Duo versus the total value it has delivered over time, I have seen a return on investment.

Before choosing Cisco Duo, we had IPV as an option.

My advice to others looking into using Cisco Duo is to recommend they use Cisco Duo. My company does not have a business relationship with this vendor other than being a customer.

I have not implemented Duo's end-to-end phishing resistance, and we don't have capabilities such as proximity verification. I still need to check about using Cisco Identity Intelligence. I have noticed an increase in phishing attacks in my organization recently; the attacks are getting more frequent, which is why we improved the security for 2FA.

I give Cisco Duo an overall review rating of 9.

I mainly help customers to setup Cisco Duo for multi-factor authentication.

Duo significantly increases phishing resistance for application access. So the main benefit is improved security.

Passwordless authentication - This is the future of secure access. By eliminating passwords entirely through FIDO2/WebAuthn, Duo removes the primary attack vector for credential theft while also simplifying the login experience for users.

Cisco Duo is technically excellent, but the main challenge is market positioning rather than product capability. Microsoft Authenticator comes bundled with Microsoft 365 at no additional cost, so many organizations default to that solution rather than purchasing Duo as a standalone product.

I have been using Cisco Duo for approximately one and a half years.

Cisco Duo is very stable. I have never experienced major outages or service disruptions. The product itself is reliable - any minor issues we've encountered were typically user configuration errors rather than platform problems.

The scalability is excellent. Being cloud-based, Duo handles any user count without infrastructure concerns. We've scaled it across multiple customers without performance issues.

I have no experience with their support - I have never encountered issues that required contacting Cisco. The product documentation and admin portal have been sufficient

Yes, I used Microsoft Authenticator but only as a end user. In my opinion, Duo is simpler and more intuitive. From an admin perspective, I can't give a review.

The initial setup is straightforward and fast. Duo's phased rollout approach shows they understand real-world deployment challenges. Overall, it's very easy to implement.

My company is a Cisco Duo reseller and partner, so we perform the deployments ourselves for our clients rather than using external integrators or consultants.

I don't have quantifiable ROI data. The value is primarily in risk mitigation - preventing phishing and credential theft. The cost of a single breach would far exceed the investment in Duo. I cannot speak to operational cost savings like reduced password reset tickets.

The pricing is fair and straightforward - per-user licensing makes budgeting simple. Setup is easy and intuitive. The licensing tiers are well-structured and easy to understand.

9 out of 10. Duo is technically excellent - stable, feature-rich, with outstanding passwordless capabilities and straightforward deployment.

My advice: Take advantage of the free tier (up to 10 users) and 30-day trial to test it in your environment.

Cisco Duo is primarily used for MFA purposes, whether for remote server login or dual login. It has not been integrated onto an application yet, but it has been integrated across all remote servers, including Windows, Linux, and heterogeneous environments with dual MFA.

We work with major cloud providers and integrate Cisco Duo wherever there is a critical workload to maintain the balance between cost and security. It is not a blind deployment everywhere.

Cisco Duo is very user-friendly. You do not need to struggle, and you do not need to teach non-technical users or executives how to use it. If you miss a device or change your phone or handheld devices, you can still reactivate on your new device very easily. It is very user-convenient, and there are many methodologies available. You can get SMS alerts, web plug-ins, and push notifications. It is available for both Android and iOS.

As long as we are clearing the audits, that confirms that we are secure enough. We have been able to convince our security auditors that we are compliant with all the laws, at least from an MFA standpoint, regarding the return on investment from using Cisco Duo.

There are some areas for improvement. Cost could be one opportunity, as if the cost is further reduced, we can increase it to the maximum user base. Since DPD is becoming very aggressive and active, especially in countries like India, once the cost is reduced, we can probably scale it to all 6,000 to 7,000 users. Right now, it is only limited to the production environment and could be extended to all applications.

Scalability could also be better if the price were reduced, as scaling is quite expensive. The account manager could reach out for the next level of expansion and offer certain premium support along with a lower cost.

The main areas for improvement regarding Cisco Duo are cost and scalability, which are directly connected.

We have been using Cisco Duo for almost more than seven or eight years.

Cisco Duo is quite stable when using it recently.

Scalability could be better if the price were reduced, as scaling is quite expensive.

Cisco's technical support is good, as in the last couple of years, we have not needed to reach out to them. Since I have not dealt with it a lot, I would rate them a six or seven in terms of support.

We used a couple of products in the past, but the main reason for not adopting them was that the convenience was not comparable. There were no such two or three methodologies through which a user could get alerts, especially push notifications. Google Authenticator is available, but it does not offer push notifications. It offers them only for Google products, but may not work for other third-party applications. Microsoft Authenticator has some capabilities, but it runs quite smoothly on the Microsoft platform but may not work on any third party. Cisco Duo is quite neutral from a product standpoint.

We ran POCs for a couple of months with Cisco Duo. After seeing the usability and user-friendliness, we slowly expanded it to a couple of users. Although it is a costly product, the features themselves enabled us to adopt it.

The deployment of Cisco Duo has been done in-house.

As long as we are clearing the audits, that confirms that we are secure enough. We have been able to convince our security auditors that we are compliant with all the laws, at least from an MFA standpoint, regarding the return on investment from using Cisco Duo.

It has not reduced the cost for authentication-related functions, but the cost remains the same. There have not been many changes in the cost. However, because of the user convenience, we are pretty good with the existing cost.

We have not deployed Duo Directory to manage user identities.

We have not implemented Duo's end-to-end phishing resistance with capabilities like proximity verification.

We are using CrowdStrike and we are not using SentinelOne.

We certainly use Cisco Duo and Cisco switches and pre-switches, but those are the products.

We are a customer of Cisco.

We are not using Cisco Identity Intelligence.

Phishing attacks in our organization have increased, which is very common. It keeps fluctuating both ways, but we have been able to mitigate this quite well.

Cisco Duo is quite easy to deploy, and I do not see much technical challenges. Any technical team can adopt it quite easily. The overall rating for this review is nine out of ten.

My main use case for Cisco Duo is to integrate with Active Directory, and I am using it for two-factor authentication.

Cisco Duo has positively impacted my organization by securing our agents using the VPN.

Cisco Duo has helped secure our agents with the VPN, ensuring they must make approvals through mobile devices to verify the person's identity.

The best features Cisco Duo offers are device discovery, which identifies whether a device is iOS or Android.

The device discovery feature helps me in my day-to-day work by assisting with our monthly check since the Android and iOS discovery capabilities identify devices without updates for specific versions. When I export the users, I can see those device versions.

Cisco Duo can be improved because people have their own personal mobile devices.

I chose a rating of nine out of ten for Cisco Duo because we missed the Duo Desktop integration, as it is not working as well as the Duo Desktop agent.

I have been using Cisco Duo for more than five years.

My advice to others looking into using Cisco Duo is that it is a great product, and I recommend it for everyone, specifically for those using Cisco Secure Client.

I am currently using Cisco Identity Intelligence, and it has helped improve my visibility into identity risk and strengthen my defenses against identity-based threats.

Cisco Duo serves as the primary multi-factor authentication solution for our company.

The simplicity and the number of integrations available in Cisco Duo are the two aspects I appreciate the most.

Cisco Duo is remarkably easy to use. You log in, receive a push notification on the Cisco Duo app, and simply confirm it to gain access. The number of integrations available is exceptional as well. I believe no other MFA service has as many integrations available, and for those who prefer not to use the app, an SMS fallback remains available.

The benefits of such simplicity in Cisco Duo are significant. Employees spend considerably less time logging in and approving logins. They do not grow tired of the multi-factor push notifications because it is easy, fast, and not repetitive, so we do not experience much attrition from it.

Cisco Duo has provided substantial value, primarily in saved time, but also in low cost because administrators do not have a significant workload with Cisco Duo. It simply works, and I believe it has been a great investment for our company.

I genuinely appreciate Cisco Duo as it is, and I value the fact that the company has been improving on identity management as well. My advice for the developers is to continue doing what you are doing because you are performing excellently. Perhaps focus even more on identity management because it can become a strong alternative to either Entra ID, Okta, or any other identity access management provider.

We have not yet deployed Cisco Duo Directory for managing user identities.

I have been using Cisco Duo for approximately five to six years, essentially as long as I have been with the company.

I have not received any negative reviews about the stability of Cisco Duo, and I do not believe we have experienced any downtime with Cisco Duo. The stability has been excellent.

Cisco Duo scales exceptionally well. Adding another user is straightforward and simple. We are a fairly small company by global standards but a fairly large one for our country, so scalability has not been an issue for us. Even if we grow twofold, it will not present a problem for management. You would not need any more engineers to manage Cisco Duo even if we scale up to 500 employees because it is so simple to manage.

The customer experience for me through using Cisco Duo has been excellent, but I cannot speak about technical support because that is handled by our engineers, and I do not have any information on that.

We also have a Microsoft group in our company and they mostly use Microsoft products, of course. So for us, as an integrator, it mostly comes down to the vendor you are working with. But my clients and most organizations in our market also often consider Microsoft products, and perhaps FortiToken or YubiKey, which is a hardware multi-factor authenticator, helpful in FIDO-related use cases.

The biggest return on investment when using Cisco Duo is time, primarily because it is so simple to use that many employees save considerable time signing in to applications and can focus on other more important tasks.

The time saved with Cisco Duo is at least a couple of minutes per day per employee. If you multiply that by over 300 employees, you can see how much time is saved and how much more time people can spend on actual projects instead of signing on.

The reason clients choose Cisco Duo is the same as mine: the number of integrations that Cisco Duo has over other solutions such as Microsoft Authenticator, and also the simplicity of management.

Being a partner of Cisco, we have many benefits price-wise, but with our customers, I believe Cisco Duo is very competitively priced, and it should remain that way because it is easier to position. Many customers are accustomed to having Microsoft products in their environment because of how Microsoft licensing operates, so having competitive pricing for Cisco Duo makes it easier to implement Cisco with customers.

My clients mostly consider Microsoft products because the Microsoft licensing system is designed in such a way as to encourage customers to consume as much of Microsoft services as possible.

There has been a considerable increase in phishing attacks recently, not just at my customers but also at our company. We attempt to mitigate that by running phishing campaigns for our customers to prepare them to react, as part of our cybersecurity portfolio.

But that is more a question for our cyber intelligence group. They have, however, been discussing mostly the use of AI in attacks and how much more sophisticated the attacks have become. Using AI also means that the attack is easier to perform, which subsequently also means there are more of them.

Companies that are considering Cisco Duo should not hesitate any longer. Simply implement it because it is a great product, and I believe it surpasses other multi-factor authentication solutions, and you will not regret it. I would rate this review 9.5 out of 10.

We primarily use Cisco Duo for MFA purposes to aggregate MFA solutions, so we don't need five different apps for MFA on our phones, which is excellent. We also link it for identity posture with other Cisco solutions.

I don't think we use that part of Cisco Duo, perhaps other teams do, but not on my side.

We do use Cisco Duo to mitigate phishing attacks and make threat defense. We have a lot of attacks; some are clearly identified and discarded before they reach our emails, although some still reach our email. There are a lot of phishing attacks for us internally and for our clients.

The features of Cisco Duo that I have appreciated so far include the seamless integration with many MFA features, so we can correlate everything in one app and don't multiply MFA apps, which is excellent.

Cisco Duo helps our company by allowing us to manage many internal solutions we use efficiently. If every hundred solutions we use each had a different MFA app, we simply couldn't manage that on our phones; it would be too complicated. For security purposes, we want a real posture approach for our MFA to correlate who has access to what, making it easy for our internal security team to give access to those who can access the app.

An improvement for Cisco Duo would be a simplification of the licensing model since it's quite complicated to know what's included or not, especially now as it's part of Cisco Secure User Suite, and there are many modifications happening regarding the licensing.

We see the licensing model for Cisco Duo as favorable for our company since we are on NFR because we are a Cisco partner, so we're not exactly clients. The licensing model is quite good except for small countries like ours, where for less than 100 users, the cost is prohibitive, making it too expensive for small companies.

Since I entered my current company, I have sold Cisco Duo to our clients, and inside our company, we use Cisco Duo as our MFA solution for some solutions we have running in our labs and also production solutions we have internally. It has been four years now.

We don't have any complaints about the stability and reliability of Cisco Duo; it is quite reliable.

I am not in charge of customer service and technical support for Cisco Duo as it is managed by our technical team, but overall for Cisco, we are quite happy. I had a licensing problem last week that was solved in about two hours, so I am always satisfied.

I'm not on the technical part of Cisco Duo's deployment process, so I don't deploy it myself, but I think our engineers are quite happy about it, and I haven't received negative feedback on that.

The biggest return on investment for me when using Cisco Duo is gaining time, as I don't have to look at ten different MFA apps, and I know it will work. On a daily basis, I could say I save around ten minutes not searching for the correct app, and if we multiply that by the number of days I work, it amounts to hours and even maybe days over the years, so that's excellent.

Regarding pricing, setup cost, and licensing for Cisco Duo, I find it's not cheaper or more expensive than other products. We do have to pay sometimes for quality, but it's not an outrageous price, so I think it's at the right spot.

My company considered some other solutions before choosing Cisco Duo, but I am not sure if I can disclose them.

The biggest difference I see between those solutions and Cisco Duo is the integration with the other Cisco features like ICE.

I am not currently using Cisco Identity Intelligence, and I am not sure if it is part of ICE.

In my opinion, the spike in phishing attacks happens because AI simplifies it for hackers and malicious people to create attacks, as it's really easy for them to copy a website or an email that looks like an official Microsoft or other email and they can mass scale their attacks with ease, so it's not manual operations anymore, and they can generate thousands of attacks each day.

I have not implemented Duo's end-to-end phishing resistance with capabilities such as proximity verification internally.

I have not deployed Duo Directory to manage user identities, as I think it's linked to our AD.

Whether Cisco Duo has helped my company reduce its overall authentication-related costs, I don't know, but the ease of operation is definitely there. Cisco Duo makes everything easier.

I haven't heard any real complaints or gossip about the deployment.

I think the questions regarding my experience using Cisco Duo were quite exhaustive.

I would rate this review an eight out of ten.

Cisco Duo's main use case is with Federal, specifically a version for the government, positioned side-by-side with Okta. Originally, it was implemented with the Department of Defense, which ran the traditional Oracle IAM. Someone convinced them that the Oracle IAM was obsolete, so they decided to reverse engineer the entire system. The migration involved reverse engineering the Oracle IAM into Cisco Duo and Okta, transitioning from on-premises to the cloud while maintaining integration with Oracle Cloud due to their heavy investment in Oracle Cloud for EBS, HCM, and enterprise ERP systems.

The best features of Cisco Duo include easy integration. I could do a lot of things with Cisco Duo comprehensively. Multiple types of MFA are available, and the fact that it passed the certification with the Department of Defense gave Cisco Duo an A+.

I use Cisco Duo's Advanced Identity Threat Detection and Response feature, which includes all the necessary counterparts. It has the intelligence to detect threats, performs risk assessment, and then provides a score to determine whether someone is legitimately attempting to sign in.

This feature has been helpful because it validates while maintaining trust. The trust but verify design principle is fundamental. Cisco Duo includes the Zero Trust Architecture, where everything lists a privilege, and from there, Privileged Access Management applies. If you want to elevate someone and give them additional privileges, the system handles that process.

I have not had the chance to rate Cisco Duo's support because I pass my documentation to the group responsible for creating tickets, as being a contractor, I don't have the account permissions to create tickets myself. I document everything with screenshots and pass it along. Based on what I heard regarding their response, Cisco Duo's support is pretty good. They are responsive and accurate in their responses, and they do their homework. This is one thing I now observe as a stark contrast with Oracle, where the support experience is terrible. You need to create a ticket, and then I have to call back and create another ticket just to monitor the first ticket. With no responses on those two, I had to create a third ticket to monitor the second ticket. I created about 33 tickets on this IAM thing because there was an intermediary, Accenture Federal. I created about 33 tickets just to monitor the previous tickets, and no resolution was given. I came up with my own solution.

I am not involved with Cisco Duo's pricing, so I am the person where they said, 'We bought this product, go ahead and do your magic.'

I was introduced to Cisco Duo when I worked for University of Massachusetts in 2012. I have had multiple projects since then because I have encountered clients with all kinds of IAM. One group does not want to give up their IAM because it works well with their application.

Cisco Duo is stable and reliable in my opinion. The fact that it goes into production means it goes through the ATO process, where everybody tests it and different groups conduct their own testing. I have not encountered any issues unless we patch the environment. The only downtime I have encountered is during patching, but that is not due to Cisco Duo. That is part of the maintenance standard operating procedure.

Cisco Duo is pretty scalable.

Based on what I heard regarding their response, Cisco Duo's support is pretty good. They are responsive and accurate in their responses, and they do their homework.

The main differences between Cisco Duo and Okta for IAM solutions are that Okta does not have an exclusive product tagged as Federal. It depends on the person designing it. The way I made Okta comparable with Cisco Duo Federal is by attaching it to CAC, which is used by the military as military ID. That is the only way it becomes federal level because you are using another form of identification. With Cisco Duo, it is embedded within the system. However, somehow, the Department of Defense got sold on the idea that Okta is the way to go. Gradually, Cisco Duo is there because of Cisco. The name Cisco behind it makes it a really powerful product.

I have experience with Cisco Duo across different IGA and IAM security products including Oracle IAM, Okta, SailPoint, Ping, Cisco Duo, Active Directory, and Entra ID, which is Microsoft's offering.

My experience with Cisco Duo's strong security authentication system has been good. It is seamless and easy to integrate. It is flexible.

Cisco Duo's IAM is evolving because it now includes AI. I am not sure if I have fully used OAuth, the authorization component. I think it is there, but I just have not fully played with it. The OAuth, OpenID, and SAML are all present, but this IAM is evolving.

I have not had the chance to use Cisco Duo's conversational AI interface for administration tasks. Everything now is AI-enabled, but the government is very cautious about that. It is a switch that you can turn off and turn on if you want it.

The passwordless environment has been the subject of a huge debate about passwords. I even gave a presentation with the Department of Energy, and they did not like the way I presented it. I made a joke and said, 'With passwords, you need to extract the blood of the person you want to authenticate, aside from the password,' and they did not like that. They said it was too bloody. With passwordless authentication, FIDO 1, 2, and 3 are the direction everything is going. Everything is keys now, anywhere, and tokens. That is why Oracle IAM was dropped from the equation.

Cisco Duo is hybrid. First, they want to see it on-premises, and from there, it evolves because of the way things are deployed. They start with the application, the databases are on-premises, and then the applications are moved to the cloud. That becomes a hybrid situation, and then one by one, the databases are transported to the cloud.

When you work on government projects, everything is there with Cisco Duo. AWS, Azure, GCP, and Oracle FedRAMP are all available. It is multi-cloud.

I would rate this review a 9 overall.